
Tag: exploit

Double Free – crash or no crash

Can someone explain to me why freeing a twice in a row causes a crash, but freeing a first, then b, and then a again does not crash? I know that a free will insert the heap chunk in a doubly linked free list. Freeing twice would insert the same chunk twice in the free list. But why is the crash

What is vulnerable about this C code?

The way I understand it, the code above allows arbitrary code (or program) execution — what makes this vulnerable, and how does one take advantage of this? Answer: You can override the PATH variable to point to a directory with your custom version of echo and since echo is executed using env, it isn’t treated as a built-in. This constitutes
